[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] 8 out of 10 mobile health apps open to HIPAA violations, hacking, data theft
From: InfoSec News <alerts () infosecnews ! org>
Date: 2016-01-14 8:20:06
Message-ID: alpine.DEB.2.02.1601140819550.18700 () infosecnews ! org
[Download RAW message or body]
http://www.healthcareitnews.com/news/8-out-10-mobile-health-apps-open-hipaa-violations-hacking-data-theft
By Bill Siwicki
Healthcare IT News
January 13, 2016
A new report shows 84 percent of U.S. FDA-approved health apps tested by
IT security vendor Arxan Technologies did not adequately address at least
two of the Open Web Application Security Project top 10 risks.
Most health apps are susceptible to code tampering and
reverse-engineering, two of the most common hacking techniques, the report
found. Ninety-five percent of the FDA-approved apps lack binary protection
and have insufficient transport layer protection, leaving them open to
hacks that could result in privacy violations, theft of personal health
information, as well as device tampering and patient safety issues.
The new research from Arxan, which this year placed special emphasis on
mobile health apps, was based on analysis of 126 popular health and
finance apps from the United States. United Kingdom, Germany and Japan.
There is a disparity between consumer confidence and the attention given
to security by app developers, the study found. While the majority of app
users and app executives said they believe their apps are secure, nearly
all apps Arxan assessed proved to be vulnerable
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic